CTF-Tools – Some setup scripts for security research tools

This is a collection of setup scripts to create an install of various security research tools. Of course, this isn’t a hard problem, but it’s really nice to have them in one place that’s easily deployable to new machines and so forth.

A tool for decoding ssh traffic. You will need ruby1.8 from https://launchpad.net/~brightbox/+archive/ubuntu/ruby-ng to run this. Run with ssh_decoder --help for help, as running it with no arguments causes it to crash.

Where possible, the tools keep the installs very self-contained (i.e., in to tool/ directory), and most uninstalls are just calls to git clean ( NOTE , this is NOT careful; everything under the tool directory, including whatever you were working on, is blown away during an uninstall). To support python dependencies, however, make sure to create a virtualenv before installing and using tools (i.e., mkvirtualenv --system-site-packages ctf . The --system-site-packages is there for easier reuse of apt-gotten python packages where necessary).

Docker By popular demand, a Dockerfile has been included. You can build a docker image with:

The built image will have ctf-tools cloned and ready to go, but you will still need to install the tools themselves (see above).

Vagrant You can build a Vagrant VM with:

wget https://raw.githubusercontent.com/zardus/ctf-tools/master/Vagrantfilevagrant up

And connect to it via:

vagrant ssh

Adding Tools To add a tool (say, named toolname ), do the following:

Create a toolname directory.

Create an install script.

(optional) if special uninstall steps are required, create an uninstall script.

Install Scripts The install script will be run with $PWD being toolname . It should install the tool into this directory, in as contained a manner as possible. Ideally, full uninstallation should be possible with a git clean . The install script should create a bin directory and put its executables there. These executables will be automatically linked into the main bin directory for the repo. They could be launched from any directory, so don’t make assumptions about the location of $0 !